SC Magazine Rates Forum Sentry Product Five Stars

What's the difference between a Security Gateway product and a Enterprise Service Bus (ESB)? Security!  You never let users develop and deploy custom code in a gateway.  Custom SOA functionality is better suited for ESBs or application servers.  Deploying such functionality in a SOA/XML gateway is fraught with risk.  It breaks the key paradigm of separating security from application functionality.  Security functionality should never be coded by an enterprise, it should only be configured.

Question: When was the last time you dropped custom code in your firewall?

The SC Magazine Product review of Forum Sentry, the leading security gateway in the industry validates this Security vs. ESB notion by choosing Sentry as the only SOA/XML gateway in the security product review category.  Other gateways are merely application servers or ESBs with prepackaged security functionally that can be readily by-passed by the custom code that they run.

For detailed product review see:  SC Magazine Forum Sentry

SaaS provider hooks frats to Facebook with help from SOA appliances

James Denman's article shows a real-world example of how social media such as Facebook and SOA have converged.  Web Portals now use rich content from a variety of sources and providers.  Users are now not only expecting Web SSO, but also direct integration of their social media content with corporate services.  The Facebook integration used for SSO highlights how SOA, SSO and Social media are now central to corporate IT services.

A Software as a Service (SaaS) provider specializing in financial and information services for Greek fraternal organizations has tapped into Facebook to provide its fraternity and sorority users with easier updates to information. At the same time, it has tapped into a rack-mounted SOA appliance to provide security and federation services. 

OmegaFi is a SaaS specialist that offers a range of services tailored to the Greek crowd. OmegaFi was founded on chapter and alumni management tools but the portfolio has grown to include fundraising tools as well as information management services. 

Forum Systems, a maker of security and identity management appliances for SOA systems, has been a part of OmegaFi's recent growth. According to OmegaFi CIO John Woolbright, Forum's Sentry XML gateway appliance has been instrumental. Woolbright said in a statement, "After collaborating with us to meet the requirements of a three-month proof-of-concept project, we selected Forum Systems as our provider of choice for security and federation."

For full article, see:  SaaS provider hooks frats to Facebook with help from SOA appliances.

ITBusiness Edge: Old Reliable - FTP Still Relevant in an SOA, Cloud World

Loraine Lawson covers "Old Reliable" FTP and its relevance to SOA and Cloud Computing.  FTP is "reliable" as in "a reliable friend that you can always call," however, the protocol itself is not reliable for content delivery unless Managed File Transfer (MFT) type products are used to enable reliability using FTP.  The article is well written and covers an important trend that brings SOA, Cloud Computing, and Managed File Transfer under a single, manageable umbrella.  Excerpts from the article are below:

You would think that all this movement toward cloud and services and SOA would mean the end of things like managed file transfer and FTP. Instead, companies that offer these approaches are reinventing themselves and claiming new relevance. 

Complete article: Old Reliable - FTP Still Relevant in an SOA, Cloud World

Updated XML gateway brings FTP under the SOA governance umbrella

Jack Vaughan's recent article covers an important emerging trend: convergence between SOA and MFT technologies. Managed File Transfer (MFT) is a baseline mechanism for information movement within and across corporations using legacy protocols such as FTP. However, with the emergence of modern SOA-related protocols, companies are now migrating away from less secure and less reliable MFT transport protocols. This trend is also driven by regulatory requirements including PCI, HIPPA, and GLB

Link to Jack's article: Updated XML gateway brings FTP under SOA Governance umbrella.

Excerpt from the article:

Despite SOAP and SOA inroads, the vaunted File Transfer Protocol (FTP) continues to flourish in organizations that - not surprisingly – need to transfer files. Finance and banking both represent FTP bastions – although both sectors are also on their way to becoming SOA strongholds of sorts.

Bringing FTP - originated in the 1970s - under the general umbrella of governance is an eventual goal for many of these companies. Forum Systems, a Crosscheck Networks' subsidiary, seeks to support such efforts with a recent update to the Forum Sentry Gateway.

The latest version of the gateway offers content-level security for structured and unstructured data for documents of unlimited size using the OpenPGP standard, while also enabling message transfers over a variety of secured and unsecured transport protocols. Moreover, the software allows organizations to plan migrations from batch FTP processing to SOAP with Attachments (SwA)(MIME, DIME, MTOM), while using existing centralized governance policies across both legacy and modern message formats.

SC Magazine: Federation 2.0 - An Identity Ecosystem

Deb Radcliff's defining, informative and well thought out article on the current state and future of Federated Identity is a must read for all SOA, Networking and Security professionals. According to Deb (excerpts from article):

Federated identity, the process of authenticating someone across multiple IT systems and organizations, is taking on new meaning with the growth of cloud and mobile.

Synovus Bank, with 30 banks on the East Coast, didn't want to manage the identities of its approximately 100,000 commercial and 200,000 home-based customers. It also wanted its identity management to occur outside its firewall. So Synovus recently started using Crosscheck Network's Forum Sentry XML Gateway service between these users and their applications.

“Users and their sessions authenticate on the Forum structure, their SAML assertions are signed by Forum, and Forum also issues their secure tokens,” says Santosh Kokate, lead technical analyst with Synovus. “The beauty is I have online banking sitting safely behind the identity gateway and the identities and authentication are established there. I don't have to manage those identities or write a single line of code to make federation happen.”

Synovus also supports authentication for mobile users through REST (Representational State Transfer), which supports HTTPS-based assertions for when Kokate estimates are 8,000 mobile banking customers at this point (and more planned in the future). Because Synovus' intermediary, Crosscheck, supports these and other standards, Synovus can adapt to different types of identity federation requirements as needed.

 For complete article, click Federation 2.0:  An Identity Ecosystem.

Network Computing: SOA Security = XML + WAF

WAFs are well designed for protecting static HTML traffic, however, with the wide proliferation of SOA and the reuse of SOA-based components in dynamic web portals, significant XML, JSON and other non-HTML traffic is now generated from portals.  Handling security for sophisticated web portals requires functionality beyond that available in Legacy Web Application Firewalls (WAFs).

Network computing recently published a review of the industry-first integrated WAF + XML appliance, Forum Sentry WAF:

Forum Systems Integrates XML Gateway, Web Application Firewall On Single Appliance